	<?php
	include_once('inc_admin.php');
	//连接数据
	connect();
	session_start();
	$u=$_SESSION["user"];
	$oldpswd=$_POST["old"];
	$newpswd1=$_POST["new1"];
	$newpswd2=$_POST["new2"];
	$sql0="select * from users where uname='$u'";
	$rs=mysql_query($sql0);
	$row=mysql_fetch_assoc($rs);
	if(strcmp($row["password"],md5($oldpswd))!=0)
	{
	header("location:index.php?re3=1&msg3=修改失败，原密码不正确，请重新填写");
	}else
	if(strcmp($newpswd1,$newpswd2)!=0)
	{
	header("location:index.php?re4=1&msg4=修改失败，新密码和确认密码不一致，请重新填
	写");

	}else{
	$sql="update users set password=md5('$newpswd1') where uname='$u'";
	$rs=mysql_query($sql);
	if($rs==1)
	header("location:index.php?re5=1&msg5=修改成功，请点击关闭按钮返回首页");
	else
	{
		echo "<h2>密码修改失败，3 秒后返回网站首页<h2>";
	header('Refresh: 3; url=index.php');
	}
	}
	?>